General

  • Target

    ae9df55eb04ca70d70c1352aee461c7b

  • Size

    188KB

  • Sample

    240229-qnzp4aac9s

  • MD5

    ae9df55eb04ca70d70c1352aee461c7b

  • SHA1

    7938f32786fe069faed8ae84ffa0672714e4f207

  • SHA256

    ebe38a72140f3e4a4ca82aaf0fb16f359950d34cb0a66f0f4e4cc380ef299716

  • SHA512

    0b614334bd3b95d16466b6cc1d476c916ffcffb38ba87d9f49f10722bbef0b1a89dd03b3c2e7270ca396ef2d5a2e4b6570670c061a60c9a7c5537804b9fb2c20

  • SSDEEP

    3072:qA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAozo:qzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain

Targets

    • Target

      ae9df55eb04ca70d70c1352aee461c7b

    • Size

      188KB

    • MD5

      ae9df55eb04ca70d70c1352aee461c7b

    • SHA1

      7938f32786fe069faed8ae84ffa0672714e4f207

    • SHA256

      ebe38a72140f3e4a4ca82aaf0fb16f359950d34cb0a66f0f4e4cc380ef299716

    • SHA512

      0b614334bd3b95d16466b6cc1d476c916ffcffb38ba87d9f49f10722bbef0b1a89dd03b3c2e7270ca396ef2d5a2e4b6570670c061a60c9a7c5537804b9fb2c20

    • SSDEEP

      3072:qA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAozo:qzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks